Difference between revisions of "r80 api notes"
From cpwiki.net
(→display rule by number) |
(→==display rule by number) |
||
| Line 14: | Line 14: | ||
==access rules== | ==access rules== | ||
| − | ===display rule by number= | + | ===display rule by number=== |
show rule 1 from policy named Standard | show rule 1 from policy named Standard | ||
mgmt_cli show access-rulebase name "Network" -s id.txt package "Standard" show-hits true --format json | jq '.rulebase[0]' | mgmt_cli show access-rulebase name "Network" -s id.txt package "Standard" show-hits true --format json | jq '.rulebase[0]' | ||
| Line 22: | Line 22: | ||
| ."rule-number"' | | ."rule-number"' | ||
1 | 1 | ||
| + | |||
| + | display rule number with comment containing a string haha | ||
| + | mgmt_cli show access-rulebase name "Network" -s id.txt package "Standard" show-hits true --format json | jq '.rulebase[] | select (.comments | contains("haha")) | {rulenum: ."rule-number", comment: .comments}' | ||
| + | |||
| + | { | ||
| + | "rulenum": 1, | ||
| + | "comment": "hahahlol" | ||
| + | } | ||
==links== | ==links== | ||
Revision as of 18:16, 22 March 2018
Contents |
examples
logging in
login and redirect session info to a file for reuse
# mgmt_cli login user admin > id.txt
search existing object
search objects by IP, return all objects that contain the ip explicitly or within a nework address space/range.
# mgmt_cli -s id.txt show objects filter "192.168.1.1" ip-only true --format json | jq '.objects[] | {name: .name, subnet: .subnet4, mask: ."mask-length4"}'
return only objects with the EXACT ip
# mgmt_cli -s id.txt show objects filter "192.168.1.1" ip-only true details-level full --format json | jq '.objects[] | select(."ipv4-address" == "192.168.1.1") | .name'
- details-level full will include more objects, including other stuff like type CpmiHostCkp (built in smartcenter object)
access rules
display rule by number
show rule 1 from policy named Standard
mgmt_cli show access-rulebase name "Network" -s id.txt package "Standard" show-hits true --format json | jq '.rulebase[0]'
display only the rule number for a rule with uid = xxx
mgmt_cli show access-rulebase name "Network" -s id.txt package "Standard" show-hits true --format json | jq '.rulebase[] | select (.uid == "1de8fab0-4858-4067-977d-1cbb5cd2e55d") | ."rule-number"'
1
display rule number with comment containing a string haha
mgmt_cli show access-rulebase name "Network" -s id.txt package "Standard" show-hits true --format json | jq '.rulebase[] | select (.comments | contains("haha")) | {rulenum: ."rule-number", comment: .comments}'
{
"rulenum": 1, "comment": "hahahlol"
}
links
parsing json return output jq
